IBM study: Role of IT security executives changing

CISOs placed into categories based on breach preparedness, security maturity


According to new study from IBM’s Center for Applied Insights, the role of senior information security executives has shifted dramatically in recent times - from simply responding to threats to anticipating and mitigating them before they occur.

The study, “Finding a strategic voice: Insights from the 2012 IBM Chief Information Security Officer Assessment,” surveyed more than 130 security leaders at organizations around the world and found that today’s CISOs are under more pressure than ever before.

Nearly two-thirds of respondents said that their senior executives are paying more attention to security today than two years ago, due mainly to several high profile hacking incidents and data breaches. In addition, more than half of respondents said that mobile security would be a primary technology concern for them over the next two years and nearly two-thirds expected information security spending to increase during that same time period.

The study also placed security leaders into three separate categories (influencers, protectors and responders) depending on their breach preparedness and security maturity levels.

According to the study, “influencers” are characterized as being confident and prepared with the ability to influence the business strategically. “Protectors” are less confident and prioritize security strategically, but lack necessary structural elements. “Responders” are the least confident and focus their efforts largely on protection and compliance.

Click here to read more information about the study.